Claims* 



11. A network device that communicates with other network 

2 devices connected through a network, wherein" 

3 said network device comprising* 

4 a group management means, which manages a group 

5 consisting of network devices that can authenticate one another; 

6 a cipher communication means, which performs cipher 

7 communication with the network devices belonging to said group, 

8 using a common encryption key* 

9 a storage means, which stores cipher communication 

10 information required for cipher communication with the network 

11 devices belonging to said network, with said information including 

12 information of said encryption key and identification information 

13 including host names and addresses of the network devices 

14 belonging to said group; and 

15 an acquisition means, which acquires information from 

16 outside; and 

17 when said acquisition means acquires said cipher 

18 communication information in a state that said storing means 

19 does not store said cipher communication information, said group 

20 management means stores said cipher communication information 

21 in said storing means and sends identification information of its 

22 own network device to the network devices belonging to said 

23 group; and 

24 when said group management means acquires 

25 identification information of another network device from said 
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26 another network device through said cipher communication means, 

27 said group management means adds said identification 

28 information to said cipher communication information stored in 

29 said storage means. 

12. A network device according to Claim 1, wherein- 

2 when said acquisition means receives an instruction to 

3 withdraw from the group, said group management means notifies 

4 withdrawal of its own network device to all the network devices 

5 belonging to said group through said cipher communication means, 

6 and deletes said cipher communication information from said 

7 storing means; and 

8 when a notification of withdrawal of another network 

9 device is received from said another network device through said 

10 cipher communication means, said group management means 

11 deletes identification information of said another network device 

12 from said cipher communication information stored in said storing 

13 means. 

13. A network device according to Claim 1 or Claim 2, 

2 wherein^ 

3 said acquisition means is an interface with a storage 

4 medium; and 

5 when a storage medium, which stores said cipher 

6 communication information, is inserted into said acquisition 

7 means in a state that said storage medium stores said cipher 

8 communication information, said group management means copies 

9 the cipher communication information stored in said storage 
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10 means to said storage medium. 

14. A network device according to one of Claims 1, 2 and 3, 

2 wherein* 

3 said network device further comprises" 

4 a non-cipher communication means, which performs 

5 non-cipher communication! and 

6 an access control means, which controls accesses to 

7 services provided by said network device* and 

8 when there occurs an access from another network device 

9 through said non-cipher communication means, said access control 

10 means permits said access when said access is an access to a 

11 predetermined port. 

15. A network system comprising a plurality of network 

2 devices, and a network that connects said plurality of network 

3 devices, wherein* 

4 each of said plurality of network devices is a network 

5 device according to one of Claims 1 - 4. 

16. A group management method for managing a group 

2 consisting of devices connected through a network, with a device 

3 of the group being able to perform cipher communication with 

4 another device of the group while authenticating each other, 

5 comprising' 

6 a group generation step, in which one device connected to 

7 said network generates an encryption key used for said cipher 

8 communication, and holds, as cipher communication information, 



9 said encryption key and identification information including a 

10 host name and address of said one device itself; 

11 a first group participation step, in which a device that 

12 acquires said cipher communication information notifies 

13 identification information of the device itself and information 

14 indicating participation of the device itself to all devices whose 

15 identification information is stored in said cipher communication 

16 information, and said device adds said identification information 

17 of the device itself to said cipher communication information and 

18 holds said cipher communication information; 

19 a second group participation step, in which a device that 

20 receives said identification information and said information 

21 indicating the participation adds said identification information 

22 to the cipher communication information that said device holds; 

23 a first withdrawal step, in which a device that receives an 

24 instruction to withdraw from said group notifies information 

25 indicating withdrawal and identification information of the device 

26 itself to all devices excluding said device itself whose 

27 identification information is stored in said cipher communication 

28 information, and deletes the cipher communication information 

29 that the device itself holds; and 

30 a second withdrawal step, in which a device that receives 

31 the notification of said withdrawal deletes the notified 

32 identification information from the cipher communication 

33 information that the device itself holds. 



7. A program that makes a computer function as- 

a group generation means that generates an encryption 
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key used for cipher communication and holds, as cipher 
communication information, said encryption key and 
identification including a host name and address of the computer 
itself; 

a first group participation means that notifies 
identification information and information indicating 
participation of the computer itself to all devices whose 
identification information is stored in said cipher communication 
information, through cipher communication, and adds the 
identification information of the computer itself to said cipher 
communication information, when said cipher communication 
information is acquired; 

a second group participation means that adds said 
identification information of another device to the cipher 
communication information that the computer itself holds, when 
said identification information of said another device and 
information indicating participation of said another device are 
received from said another device; 

a first group withdrawal means that notifies information 
indicating withdrawal and identification information of the 
computer itself to all devices excluding the computer itself whose 
identification information is stored in the cipher communication, 
through the cipher communication, and deletes said cipher 
communication information that the computer itself holds, when 
an instruction to delete the cipher communication information is 
received; and 

a second group withdrawal means that deletes 
identification information of another device from the cipher 
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communication information that the computer itself holds, when 
said identification information of said another device and 
information indicating withdrawal of said another device are 
received. 
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